Sophos XGS Firewall: Allow outgoing passive FTP

I had to allow an FTP client out to an FTP server that was using passive FTP. Passive FTP starts communication on port 21, then gets instructions from the FTP server on which dynamic port to use to transfer data. Although I had a firewall rule to allow all ports to go out for that specific FTP client, file transfer was still blocked. The firewall log showed that the initial traffic on port 21 was allowed through, but all subsequent traffic on the dynamic ports was blocked. After some digging, [...]
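The sketch below shows how the dynamic data port in passive FTP is announced inside the port-21 control channel, by parsing the server's `227` (PASV, RFC 959) and `229` (EPSV, RFC 2428) replies. It is an added example, not code from the original post; the function names, the transcript, and the server address `192.0.2.10` are constructed for illustration.

```python
import re

# PASV reply (RFC 959): "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)"
PASV_RE = re.compile(
    r"^227 .*?(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
# EPSV reply (RFC 2428): "229 Entering Extended Passive Mode (|||port|)"
EPSV_RE = re.compile(r"^229 .*?\((.)\1\1(\d{1,5})\1\)")


def data_endpoint(reply, server_ip):
    """Return the (ip, port) the client will open for data, or None."""
    m = PASV_RE.match(reply)
    if m:
        nums = [int(x) for x in m.groups()]
        if any(n > 255 for n in nums):
            return None  # malformed octet, ignore the reply
        ip = ".".join(str(n) for n in nums[:4])
        return ip, nums[4] * 256 + nums[5]  # port = p1 * 256 + p2
    m = EPSV_RE.match(reply)
    if m:
        port = int(m.group(2))
        # EPSV carries only a port; the address is the control peer's.
        return (server_ip, port) if 0 < port <= 65535 else None
    return None


def expected_data_flows(control_lines, server_ip):
    """List every data endpoint announced in a control-channel transcript."""
    flows = []
    for line in control_lines:
        endpoint = data_endpoint(line.strip(), server_ip)
        if endpoint:
            flows.append(endpoint)
    return flows


# Constructed server replies (not captured from a real session).
SAMPLE_TRANSCRIPT = [
    "220 FTP server ready",
    "230 Logged in",
    "227 Entering Passive Mode (192,0,2,10,195,80)",
    "226 Transfer complete",
    "229 Entering Extended Passive Mode (|||50123|)",
]

if __name__ == "__main__":
    for ip, port in expected_data_flows(SAMPLE_TRANSCRIPT, "192.0.2.10"):
        print(f"client will open a data connection to {ip}:{port}")
```

Comparing the endpoints this returns with the destination ports in the firewall's deny entries confirms whether the blocked connections are the data channels negotiated on port 21.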